"The Amazon services were configured insecurely and this enabled attackers to steal Facebook data," said John Pescatore, director of emerging trends at SANS Institute.

The new Google features are a big deal, he said. "There is a constant stream of these news items about AWS S3 buckets, several breaches a month."

In addition to more native security features, Google is partnering with outside vendors for additional capabilities.

For example, StackRox offers detailed insights and security configuration support for Kubernetes containers. Previously, Google cloud customers who wanted to use StackRox tools would have two separate management panels – one for Google's own tools, and one for StackRox.

Today, the StackRox data will be available via Google's Cloud Security Command Center.

And it's not just for containers deployed on Google's own platform, said Michelle McLean, VP of product marketing at StackRox. The security data can come from any private or public cloud service provider offering Kubernetes containers, as well as more limited data from providers offering non-Kubernetes containers.

"We can paint a much richer picture if we can talk to Kubernetes," said McLean.

According to McLean, there are several areas of potential vulnerability with containers.

The first one is that Kubernetes by default allows any asset to talk to any other asset. That makes it easier for developers to build their applications and makes the platform backward-compatible with older systems. The downside is a larger-than-necessary potential attack surface.

StackRox can analyze an application’s traffic patterns, identify which communication lines are being used and which can be shut down, and handle the necessary configurations automatically. "We took a super complicated problem and we've made it automated and instant," said McLean.

Another potential security issue is access to the Kubernetes native management dashboard.

Last year, she said, hackers used Tesla’s Kubernetes platform to generate new containers to run cryptomining software. "They didn't steal Tesla data, but Tesla was paying the bill for cryptominers because of these exposed Kubernetes dashboards," said McLean.

In addition to working with third-party vendors like StackRox, Google is building out its own configuration management tools, said Jess Leroy, Google's director of product management for cloud security.

"The Google security team has gone through all the different types of configurations that typically lead to breaches and created scanners that allow customers to go through and look for things like public buckets that shouldn't be public," he said.

Altogether, 32 such detections have already been built, as well as an intelligent security policy recommendation tool and troubleshooter.

"It's common for customers to over-grant privileges," he said. "It means that there's a much broader attack surface."

Google's own tools will also ingest data from non-Google platforms, such as private cloud deployments and Amazon Web Services.

But Google isn't out to compete with enterprise SIEM vendors, said Leroy. "We don't consider this to be a SIEM product," he said. "And most of our customers continue to use their own SIEM products."

Customers can export data to one of Google's SIEM partners or get custom exports to other platforms.

"We did a custom exporter for Splunk because many of our customers really wanted to push data to Splunk," said Leroy.

Authentication and Phishing Protection

Google has been working to protect its own services and users on both these fronts. For example, Gmail automatically filters or blocks suspected phishing emails, the Chrome browser protects users from visiting suspected phishing websites, and two-factor authentication is available for most of Google's products.

Enterprises now have access to these tools in a variety of different ways.

For example, it can take weeks, or months, for a company to shut down a malicious website that spoofs their official one to trick visitors into giving up credentials or downloading malware. Google now allows companies to submit spoofed sites so it can immediately block them for its billions of users.

Google is also expanding its authentication services so that companies can use them with their own apps. And its Android-based strong authentication, a separate, secure alternative to text messages, is now also available.

Key fobs and similar physical security keys can be easily lost or left at home, said Rob Sadowski, trust and security marketing lead at Google, and SMS-based verifications can be hacked.

"Our security keys are actually immune to those attacks," he said. "And we pretty much always have our phones. That makes it easy to use and always available."

This could be a good security feature for data centers to use for their administrators and other privileged users, said SANS Institute's Pescatore. But rolling it out to all enterprise users in general could be more difficult, he added, since not everyone has Android phones.